December 1, 2000

OpenBSD 2.8 released

Author: JT Smith

It is our pleasure to officially announce the release of OpenBSD 2.8.
Just over 6 weeks ago, on October 18, OpenBSD turned 5 years old. In
celebration of this milestone, we invite you to enjoy our 8th release
on CDROM (and 9th via FTP). We continue to celebrate OpenBSD's record
of three years without a remote hole in the default install.
Just like
all of our previous releases, 2.8 provides significant improvements,
including new features, in nearly all areas of the system:

Hardware support is improved
(http://www.OpenBSD.org/plat.html)
OpenBSD 2.8 will run on Apple iMac, G3, G4, and G4 Cube machines.

Improved hardware crypto support, now including Hifn PowerCrypt and
Broadcom Bluesteelnet (uBsec) hardware accelerator boards.

Many new Ethernet devices supported, including National
Semiconductor
DP83815-based adapters, 3Com MiniPCI adapters, 3Com 574-based
PCMCIA,
and many new CardBus devices (Xircom, Intel 21143, Intel CardBus
II).

Support for most of the Gigabit Ethernet cards on the market, i.e.,
SysKonnect, Intel, and Alteon-based.

Support for most types of USB devices, including Ethernet,
printers,
audio, etc. Sync your Handspring Visor, or transfer MP3s to your
Rio.

Support for 3ware Escalade 3W-5x000 and 3W-6x000 series RAID
controllers.

New audio support, including the Cirrus Logic CS4280, ForteMedia
FM801,
and integrated audio chips found on newer VIA and Intel
motherboards.

Improvements and new support in the PCI IDE subsystem.

Security has been further strengthened
(http://www.OpenBSD.org/security.html)

In response to the threat posed by so-called "format string" bugs,
OpenBSD
performed a complete source tree audit in June to identify and
correct
such problems. This involved countless hours of code reading and
careful
bug fixes. We are confident that these issues have been solved and
that once again our proactive security auditing process has proved
itself
an
invaluable component of the OpenBSD philosophy.

Several other security issues dealt with across the system, many of
which
were identified by members of the OpenBSD team themselves. Please
see
http://www.openbsd.org/errata27.html for more details on what was
fixed.

Even more integrated cryptography
(http://www.OpenBSD.org/crypto.html)

OpenSSH has been improved, debugged, and is now at version 2.3.0.
Support
for both SSH1 and SSH2 protocols ensures maximum interoperability
with
other implementations. This version also includes an SFTP server
for
secure file transfers with several Windows-based clients. Since
OpenSSH
is free, it has continued to gain acceptance on other operating
systems
as well. For more information, see http://www.OpenSSH.com, or
simply install OpenBSD 2.8 and try it out. Our sincerest thanks to Markus
Friedl,
one of our developers and the driving force behind OpenSSH.

The celebration continues. What better birthday present for
OpenBSD
than
the expiration of the RSA patent? SSL libraries now come as part of
the
base operating system install, permitting SSL and RSA applications
to
work normally without fancy installation tricks. These
applications
now
include httpd, isakmpd, and ssh.

Our already very mature IPSEC code has been enhanced to comply with
the latest standard changes, i.e., AES. Using IPSEC and bridging,
Ethernets can be securely tunneled over the Internet. The IKE
isakmpd
has become more robust and can be used in a configuration-less mode
in
conjunction with certificates. IPSEC performance has improved for
software cryptography, but with hardware crypto accelerators
(including HiFn and Broadcom based encryption processors), incredibly
fast IPSEC processing is possible.

Improving on the encryption of swap space introduced in the
previous
release, OpenBSD now uses Rijndael, the recently chosen AES
encryption
standard.

Many other bugs fixed
(http://www.OpenBSD.org/plus28.html)

The "ports" tree is greatly improved
(http://www.OpenBSD.org/ports.html)

The 2.8 CD ships with many more pre-built packages for the common
architectures. The FTP site contains hundreds more packages (for
the
important architectures) which we could not fit onto the CDs. A
list of
those packages is appended below.

Many subsystems improved and updated since the last release:
XFree86 3.3.6-current
gcc 2.95.3
perl 5.6.0 plus a few fixes.
Apache 1.3.12 (+ patches), Mod_ssl 2.6.2, OpenSSL 0.9.5a, DSO
support
ipf 3.3.18
groff 1.15
sendmail 8.10.1
lynx 2.8.2 with HTTPS support added
sudo 1.6.3p5
ncurses 5.2
Latest KAME IPv6
KTH Kerberos 1.0.2
OpenSSH 2.3.0

If you'd like to see a list of what has changed between OpenBSD 2.7 and
2.8, look at
http://www.OpenBSD.org/plus28.html.

Even though the list is a summary of the most important changes made to
OpenBSD, it still is a very very long list -- more than 700 major
changes.

This is our ninth OpenBSD release, and the eighth release which is
available on CDROM. Our releases have been spaced six months apart,
and we plan to continue this timing.

Security and errata

We provide patches for known security threats and other important
issues
discovered after each CD release. As usual, between the creation of the
OpenBSD 2.8 FTP/CDROM binaries and the actual 2.8 release date, our
team
found and fixed some new reliability problems (note: most are minor,
and
in subsystems that are not enabled by default). Our continued research
into security means we will find new security problems -- and we always
provide patches as soon as possible. Therefore, we advise regular
visits to
http://www.OpenBSD.org/security.html
and
http://www.OpenBSD.org/errata.html.

CDROM sales

OpenBSD 2.8 is also available on CDROM. A 2-CD set which costs $30USD
is available via mail order and from a number of contacts around the
world. The set includes a colorful booklet which carefully explains
the installation of OpenBSD. A new set of cute little stickers is
also
included (sorry, but our FTP mirror sites do not support STP, the
Sticker Transfer Protocol). Profits from these sales are the primary
income source for the OpenBSD project -- in essence selling these
CDROM units ensures that OpenBSD will continue to make another release
six months from now.

For more information on ordering CDROMs, see http://www.OpenBSD.org/orders.html.
The above web page lists a number of places where OpenBSD CDROMs can
be purchased. For our default mail order, go directly to
https://https.openbsd.org/cgi-bin/order
or, for European orders,
https://https.openbsd.org/cgi-bin/order.eu.

All of our developers strongly urge you to buy a CDROM and support our
future efforts. As well, donations to the project are highly
appreciated, as described in more detail at
http://www.OpenBSD.org/goals.html#funding.

T-shirt sales

The project continues to expand its funding base by selling T-shirts
and
polo shirts. And our users like them, too. We have a variety of shirts
available, with the new and old designs, from our web ordering system
at
https://https.openbsd.org/cgi-bin/order.
With this release, we introduce 2 new shirts.

FTP installs

If you choose not to buy an OpenBSD CDROM, OpenBSD can be easily
installed via FTP. Typically you need a single small piece of boot
media (e.g., a boot floppy) and then the rest of the files can be
installed from a number of locations, including directly off the
Internet. Follow this simple set of instructions to ensure that you
find all of the documentation you will need while performing an install
via FTP. With the CDROMs, the necessary documentation is easier to
find.

Read either of the following two files for a list of ftp
mirrors which provide OpenBSD, then choose one near you:
http://www.OpenBSD.org/ftp.html;
ftp://ftp.OpenBSD.org/pub/OpenBSD/2.8/ftplist.

XFree86 for most architectures

XFree86 has been integrated more closely into the system. This
release contains XFree86 3.3.6. Most of our architectures ship with
XFree86, even the sparc and powerpc. During installation, you can
install
XFree86 quite easily. Be sure to try out xdm(1) and see how we have
customized it for OpenBSD.

Ports tree

The OpenBSD ports tree contains automated instructions for building
third party software. The software has been verified to build and run
on the various OpenBSD architectures. The 2.8 ports collection,
including many of the distribution files, is included on the 2-CD set.
Please see PORTS file for more information.
Note: some of the most popular ports, e.g., the Apache web server and
several X applications, are now a standard part of OpenBSD. Also,
other popular ports have been pre-compiled for those who do not desire
to build their own binaries.

Binary packages we provide

A number of binary packages are provided. Please see PACKAGES file
(ftp://ftp.OpenBSD.org/pub/OpenBSD/PACKAGES) for more details.

System source code

The CDROMs contain source code for all the subsystems explained above,
and the README (ftp://ftp.OpenBSD.org/pub/OpenBSD/README) file explains how to deal with these source files. For those who are doing
an FTP install, the source code for all four subsystems can be
found in the pub/OpenBSD/2.8/ directory:
X11.tar.gz; ports.tar.gz; src.tar.gz; srcsys.tar.gz.

Thanks

OpenBSD 2.8 introduces artwork and CD artistic layout by Ty Semaka
(who as it happens, performs in a band called the Plaid Tongued
Devils, http://www.thedevils.com/). Ports tree and package building
by Brad Smith, Marc Espie, and Chris Turan. System builds by Theo de
Raadt, Niklas Hallqvist, Todd Fries, Steve Murphree, Miod Vallat,
Mats O Jansson, Marc Espie, and Bob Beck. ISO-9660 filesystem layout
by Theo de Raadt. Release announcement written by Aaron Campbell.
We would like to thank all of the people who sent in bug reports, bug
fixes, donation checks, and hardware that we use. We would also like
to thank those who bought our previous CDROMs. Those who did not
support us financially have still helped us with our goal of improving
the quality of the software.

Our developers are:
Aaron Campbell, Angelos D. Keromytis, Anil Madhavapeddy, Artur
Grabowski,
Assar Westerlund, Bob Beck, Brad Smith, Brandon Creighton, Brian
Somers,
Bruno Rohee, Camiel Dobbelaar, Chris Cappuccio, Christian Weisgerber,
Chris Turan, Constantine Sapuntzakis, Craig Metz, Dale Rahn, Damien
Miller,
Dan Harnett, David Terrell, David Leonard, David Sacerdote, Dug Song,
Eric Jackson, Federico G. Schwindt, Hakan Olsson, Hans Insulander,
Horacio Ganau, Hugh Graham, Ian Darwin, Jakob Schlyter, Jan-Uwe
Finck,
Janne Johansson, Jason Downs, Jason Ish, Jason Wright,
Jun-ichiro itojun Hagino, Kenneth R Westerback, Kevin Lo, Kjell
Wooding,
M. Warner Losh, Marc Espie, Marco S Hyman, Mark Grimes,
Markus Friedl, Mats O Jansson, Matt Behrens, Matthew Jacob,
Matthieu Herrb, Michael Shalayeff, Miod Vallat, Nathan Binkert,
Niels Provos, Niklas Hallqvist, Oleg Safiullin, Paul Janzen,
Peter Galbavy, Phillip Lenhardt, Reinhard J Sammer, Sontri Tomo
Huynh,
Steve Murphree, Theo de Raadt, Thorsten Lockert, Tobias Weingartner,
Todd C. Miller, Todd T. Fries, Wim Vandeputte, and Yannick Cote.
For press contact, please contact press@OpenBSD.org.

List of FTP sites

The following list should be helpful for those who want to install
OpenBSD via FTP.

ftp://carroll.cac.psu.edu/pub/OpenBSD; Pennsylvania,
USA
ftp://download.sourceforge.net/pub/mirrors/OpenBSD; Sunnyvale, CA,
USA
ftp://filoktitis.noc.uoa.gr/pub/OpenBSD; Athens, Greece
ftp://ftp.au.openbsd.org/pub/OpenBSD; Melbourne,
Australia
ftp://ftp.bsdfr.org/pub/OpenBSD; Oleane, France
ftp://ftp.ca.openbsd.org/pub/OpenBSD; Edmonton,
Canada
ftp://ftp.calyx.nl/pub/OpenBSD; Amsterdam,
Netherlands
ftp://ftp.chg.ru/pub/OpenBSD; Chernogolovka,
Russia
ftp://ftp.de.openbsd.org/unix/OpenBSD; Berlin, Germany
ftp://ftp.duth.gr/pub/OpenBSD; Thrace, Greece
ftp://ftp.esat.net/pub/OpenBSD; Dublin, Ireland
ftp://ftp.eu.openbsd.org/pub/OpenBSD; Zurich,
Switzerland
ftp://ftp.fr.openbsd.org/pub/OpenBSD; Paris, France
ftp://ftp.gigabell.net/pub/OpenBSD; Frankfurt,
Germany
ftp://ftp.grolier.fr/pub/OpenBSD; Paris, France
ftp://ftp.inet.no/pub/OpenBSD; Oslo, Norway
ftp://ftp.it.net.au/mirrors/OpenBSD; Perth,
Australia
ftp://ftp.jp.openbsd.org/pub/OpenBSD; Tokyo, Japan
ftp://ftp.kddlabs.co.jp/OpenBSD; Tokyo, Japan
ftp://ftp.kmitl.ac.th/pub/OpenBSD; Thailand
ftp://ftp.knowledge.com/pub/mirrors/OpenBSD; London, UK
ftp://ftp.netlab.is.tsukuba.ac.jp/pub/os/OpenBSD; Ibaraki, Japan
ftp://ftp.nl.uu.net/pub/OpenBSD; Amsterdam,
Netherlands
ftp://ftp.nz.openbsd.org/pub/OpenBSD; Auckland, New
Zealand
ftp://ftp.op.net/pub/OpenBSD; Ambler, PA, USA
ftp://ftp.openbsd.org.ar/pub/OpenBSD; Buenos Aires,
Argentina
ftp://ftp.openbsd.org/pub/OpenBSD; Edmonton,
Canada
ftp://ftp.plig.org/pub/OpenBSD; London, UK
ftp://ftp.radio-msu.net/pub/OpenBSD; Moscow, Russia
ftp://ftp.rediris.es/mirror/OpenBSD; Madrid, Spain
ftp://ftp.snu.ac.kr/pub/OpenBSD; Seoul, Korea
ftp://ftp.src.uchicago.edu/pub/openbsd; Chicago, IL, USA
ftp://ftp.stacken.kth.se/pub/OpenBSD; Stockholm,
Sweden
ftp://ftp.sunet.se/pub/OpenBSD; Uppsala, Sweden
ftp://ftp.task.gda.pl/pub/OpenBSD; Gdansk, Poland
ftp://ftp.tux.org/bsd/openbsd; Springfield, VA,
USA
ftp://ftp.volftp.mondadori.com/mirror/openbsd; Italy
ftp://ftp.wiretapped.net/pub/OpenBSD; Sydney,
Australia
ftp://ftp.usa.openbsd.org/pub/OpenBSD; Boulder, CO, USA
ftp://ftp1.usa.openbsd.org/pub/OpenBSD; Ann Arbor, MI,
USA
ftp://ftp7.usa.openbsd.org/pub/os/OpenBSD; West Lafayette,
IN, USA
ftp://gandalf.neark.org/pub/distributions/OpenBSD; Batesville, AR,
USA
ftp://gd.tuwien.ac.at/opsys/OpenBSD; Vienna, Austria
ftp://mirror.aarnet.edu.au/pub/OpenBSD; Brisbane,
Australia
ftp://openbsd.csie.nctu.edu.tw/pub/OpenBSD; Taiwan
ftp://quasar.uvt.ro/pub/OpenBSD; Timisoara,
Romania
ftp://rt.fm/pub/OpenBSD; Algonquin, IL,
USA
ftp://sunsite.cnlab-switch.ch/pub/OpenBSD; Zurich,
Switzerland
ftp://sunsite.org.uk/Mirrors/ftp.openbsd.org/pub/OpenBS; London, UK
ftp://sunsite.uio.no/pub/OpenBSD; Oslo, Norway
ftp://uiarchive.uiuc.edu/pub/systems/OpenBSD; Urbana, IL, USA
ftp://vell.nsc.ru/pub/OpenBSD; Novosibirsk,
Russia

Click Here!